Chinese Financial Statements Come Under Srutiny by U.S. SEC
Disabled high school grad asks for Diploma to be Invalidated

Does Whistleblower Award to a Compliance Officer Threaten Confidentiality Obligation?

Protecting the Public Interest by Blowing the Whistle on Employer Wrongdoing

The Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) was adopted by Congress on January 5, 2010 in response to numerous instances of financial fraud by some of the largest companies in the U.S. It changed the regulatory landscape for internal accountants and internal auditors, and external auditors and auditing firms by protecting whistleblowers that voluntarily provide the SEC with original information about a violation of federal securities laws that leads to a successful enforcement action. The SEC should not have had access to the sensitive information through independent channels for the whistleblower to be eligible for the award. 

Dodd-Frank provides a reward for whistleblowers of not less than 10 percent and not more than 30 percent, in total, of what has been collected of the monetary sanctions imposed by the courts as a result of the enforcement action taken by the SEC. The settlement must result in monetary sanctions of more than $1 million.  Some have characterized the reward as incentivizing whistleblowing and providing a bounty hunter’s payment for disclosing the relevant information to the SEC.

Under Dodd-Frank, internal accountants are excluded from receiving whistleblower awards because of their pre-existing legal duty to report securities violations. This includes individuals with internal compliance or audit responsibilities at an entity who receive information about potential violations since it is part of their job responsibilities to report suspicion of illegal acts and fraud to management.

 Internal accountants are eligible to become Dodd-Frank whistleblowers in three situations: (1) disclosure to the SEC is needed to prevent “substantial injury” to the financial interest of an entity or its investors; (2) the whistleblower “reasonably believes” the entity is impeding investigation of the misconduct (e.g., destroying documents or improperly influencing witnesses); or (3) the whistleblower has first reported the violation internally and at least 120 days have passed with no action.

 The substantial injury provision does not require the whistleblower to reasonably believe that the entity might commit a “material violation”; rather, the whistleblower will generally only need to demonstrate that responsible management or governance personnel at the entity were aware of an “imminent violation” and were not taking steps to prevent it. The 120 day “look-back” period begins after the internal accountant or auditor either provided information of a possible violation to the relevant entity’s management (i.e., audit committee, chief legal officer, or chief compliance officer), or at least 120 days have elapsed since the whistleblower received the information, if the whistleblower received it under circumstances indicating that these people are already aware of the information.

The internal accountant cannot become eligible for a whistleblower award by learning of possible misconduct, realizing that those responsible for the entity’s compliance are not aware of the possible misconduct, failing to provide the information to them, waiting for the 120-day period to run, and then reporting the information to the SEC. Essentially, Dodd-Frank requires reporting differences of opinion with supervisors up the chain of command of the organization all the way to the board of directors or audit committee prior to becoming eligible to receive a whistleblower award.

On August 29, 2014, the SEC announced a whistleblower award of more than $300,000, 20 percent of the $1.5 million settlement, to a company employee who performed audit and compliance functions and reported wrongdoing (insider trading and numerous securities violations) to the SEC after the company failed to take action within 120 days after the employee reported it internally. It is the first award for a whistleblower with an audit or compliance function at a company. The SEC mistakenly released the reference number of the case for which the whistleblower received the award resulting in the indirect release of that individual’s name. The SEC quickly redacted the reference number but it still violated the confidentiality requirement to protect the identity of the whistleblower. It will be interesting to see whether the violation has an effect on future would-be whistleblowers coming forward.

Some would say that blowing the whistle on one’s employer is an unethical act because of the trust companies place in their compliance personnel. Others would say, including myself, that if the compliance personnel, who have access to critical information, do not blow the whistle on fraud then investor interests are not protected by those who are in a position to evaluate the damage and protect the public interest.

Blog posted by Steven Mintz, aka Ethics Sage, on September 11, 2014. Dr. Mintz is a professor in the Orfalea College of Business at Cal Poly San Luis Obispo. He also blogs at: www.ethicssage.com.

Comments